Security researcher Mathy Vanhoef of KU Leuven in Belgium, found that, WPA2 (Wi-Fi Protected Access 2) vulnerable to cryptographic attack. This flow in WPA2's cryptographic protocols could allow hackers to infiltrate into your wireless Ethernet and steal your passwords, financial data or even inject a new data to manipulate commands. Although the attacker should be in the range of wireless network , this situation still causes a huge security vulnerability.
Ubiquiti Networks released a new Firmware to avoid this intrusion and solve the vulnerability issue. Ubiquiti states that they take security very seriously, and realize that it is of the utmost importance. Yesterday, a vulnerability was published about WPA2 encrypted networks, the most commonly recommended encryption method available to protect Wi-Fi devices. They have been working with Jouni Malinen, the original author of hostap, as well as other industry leaders in security, to roll out a stable UniFi firmware in time for the public disclosure. They released firmware v.220.127.116.1137 for UniFi Access Points. This firmware resolves the vulnerability on any affected UniFi device.They also add, “At this time, the beta feature 802.11r (“Fast Roaming” in the controller UI) is still vulnerable, so we recommend that you temporarily disable this feature. 802.11r has not been shown to improve roaming performance dramatically without full 802.11k support, so it is not recommended for multiple reasons. We are actively working on patching this, and it will be ready in the near future.”
|Model||Firmware Link||MD5 Checksum Link|
For further information on how to upgrade your AP’s firmware, please click here.
following devices are not affected, so they do not require a firmware update: UAP-AC, UAP-ACv2, UAP-AC-Outdoor
*Please keep it in mind this vulnerability affects Wi-Fi client devices more specifically than access point devices, so we advise you to check all your mobile devices, laptops, PCs for KRACK issue.
Credits: Ubiquiti Networks